<?php
////////////////////////////////////////////////////////////////////////
//
//     Copyright (c) 2009-2013 Denim Group, Ltd.
//
//     The contents of this file are subject to the Mozilla Public License
//     Version 2.0 (the "License"); you may not use this file except in
//     compliance with the License. You may obtain a copy of the License at
//     http://www.mozilla.org/MPL/
//
//     Software distributed under the License is distributed on an "AS IS"
//     basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
//     License for the specific language governing rights and limitations
//     under the License.
//
//     The Original Code is ThreadFix.
//
//     The Initial Developer of the Original Code is Denim Group, Ltd.
//     Portions created by Denim Group, Ltd. are Copyright (C)
//     Denim Group, Ltd. All Rights Reserved.
//
//     Contributor(s): Denim Group, Ltd.
//
////////////////////////////////////////////////////////////////////////
?>
<!-- XSS TEST - STORED -->
<!-- The goal is to pull the payload from the database. After that we'll see. -->

<html>
	<head>
		<title>Threadfix Vulnerability Demos</title>
	</head>
	<body>
	<h2> Demo List </h2>
	<ol>
		<li><a href="XSS.php">XSS</a><br/></li>
		<li><a href="SQLI.php">SQL Injection</a><br/></li>
		<li><a href="PredictableResource.php">Predictable Resource Location</a><br/></li>
		<li><a href="PathTraversal.php?action=PathTraversal.php">Path Traversal</a></li>
		<li><a href="DirectoryIndexing/">Directory Indexing</a></li>
		<li><a href="XPathInjection.php">XPath Injection</a></li>
		<li><a href="LDAPInjection.php">LDAP Injection</a></li>
		<li><a href="FormatString.php">Format String Injection</a></li>
		<li><a href="OSCommandInjection.php">OS Command Injection</a></li>
		<li><a href="EvalInjection.php">Eval Injection</a></li>
	</ol>
	</body>
</html>
